Getting to the Bigger Truth
AdobeStock_440512855

ESG RESEARCH

The Long Road Ahead to Ransomware Preparedness

Ransomware attacks dominate news headlines and boardroom discussions due to their associated financial burdens, legal consequences, reputational effects, and even impacts on human welfare. To understand how businesses prepare for and recover from this devastating malware, ESG surveyed IT and cybersecurity professionals involved with ransomware protection technology and processes.

Executive Summary

The ransomware threat is a top-of-mind issue for so many organizations; however, few feel totally prepared for an attack. Without an industry reference architecture or blueprint for ransomware protection, organizations are building their own strategies and processes to respond. But with ransomware protection included with so many different security and data protection solutions, many are confused about the scope of what is to be included, who is responsible for the implementation, and who needs to be involved in the conversation.

In order to connect the dots between those organizations that feel most prepared and the specific strategies and plans they are using to get there, with an eye on defining best practices, ESG surveyed 620 IT and cybersecurity professionals personally involved with the technology and processes associated with protecting against ransomware attacks at midmarket (100 to 999 employees) and enterprise (1,000 or more employees) organizations in North America (US and Canada) and Western Europe (UK, France, and Germany).

An important line of defense in the ransomware era is what I call 'protecting the protector'...That means ensuring backup data isn’t vulnerable to corruption. Air-gapping is an important consideration here, which means using technologies like data vaults or tape that can easily put data offline from the main network and outside world. It’s unfortunate that only 30% of organizations have deployed this type of solution today.
christophe-bertrand_150

Christophe Bertrand
ESG Senior Analyst & Practice Director

AdobeStock_339456796

Ransomware data restoration is not as straightforward as a “normal” recovery, and it may be hard to plan for all possible scenarios given the many types of attacks.
Making matters more precarious, 87% of organizations are concerned that their data backup copies themselves could become infected or corrupted by ransomware attacks.

More Ransomware Insights

AdobeStock_163119264

ESG Infographic

2022 Ransomware
Landscape
From frequent attacks on critical systems to major data recovery issues and financial impacts, ransomware consequences refuse to be ignored. See the data behind these trends and more with this free ESG Infographic, 2022 Ransomware Landscape.

Ransomware is its own economy, comprising the cryptocurrency payments that criminals extort, the ransomware software traded on the dark web, the defense technology sold by vendors, and even the cyber insurance policies organizations take out to protect themselves. Any IT organization that thinks they can confront this massive issue with standard security practices of the past could find themselves sorely mistaken and, perhaps, the subject of future news headlines.”
dave-gruber_150-1

Dave Gruber
ESG Principal Analyst

2018-Predictions-HERO

ESG Infographic

The 5 Pillars of Ransomware Preparedness
Few feel ready to deal with the looming ransomware threat due to confusion around what it means to be prepared. Based on recent research, ESG established a framework for combating these attacks. Explore this important security approach with this free ESG Infographic, The 5 Pillars of Ransomware Preparedness.

ESG RESEARCH REPORT

The Long Road Ahead to Ransomware Preparedness

In order to connect the dots between those organizations that feel most prepared and the specific strategies and plans they are using to get there, with an eye on defining best practices, ESG surveyed 620 IT and cybersecurity professionals personally involved with the technology and processes associated with protecting against ransomware attacks at midmarket and enterprise organizations in North America and Western Europe.

ESG-RR-Ransomware

CONTACT US

Ready for even more data-driven insight?

Fill out the form to contact a friendly ESG team member about:

  • Learning how this survey data should affect your business.
  • Providing feedback on this research report.
  • Requesting a read-out of our data set.
  • Asking an ESG analyst questions about this research.
  • Anything else you think our experts might be able to help with!


ESG, a division of TechTarget
275 Grove Street, Suite 1-150
Newton, MA 02466
508.482.0188